I think there’s a real fear that federation can potentially leak a significant amount of user data, down to IPs and tracking fingerprints. Even if the version in the main git doesn’t do that, it’s not inconceivable that this kind of data mining could be quietly implemented as extensions/forks at some point. The threat surface just seems so massive with all the different servers involved in the trust model.
I think there’s a real fear that federation can potentially leak a significant amount of user data, down to IPs and tracking fingerprints. Even if the version in the main git doesn’t do that, it’s not inconceivable that this kind of data mining could be quietly implemented as extensions/forks at some point. The threat surface just seems so massive with all the different servers involved in the trust model.